Lucene search
K

4 matches found

Tenable Nessus
Tenable Nessus
added 2008/03/07 12:0 a.m.35 views

openSUSE 10 Security Update : asterisk (asterisk-5062)

Attackers could bypass host based authentication by using a valid username CVE-2007-6430 Attackers could inject SQL commands under certain circumstances if 'cdrpgsql' was used CVE-2007-6170 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin...

6.5CVSS5.6AI score0.02811EPSS
Exploits1References2
OSV
OSV
added 2007/12/20 2:46 a.m.9 views

CVE-2007-6430

Asterisk Open Source 1.2.x before 1.2.26 and 1.4.x before 1.4.16, and Business Edition B.x.x before B.2.3.6 and C.x.x before C.1.0-beta8, when using database-based registrations "realtime" and host-based authentication, does not check the IP address when the username is correct and there is no...

6.7AI score
Exploits0References15
CVE
CVE
added 2007/12/20 2:0 a.m.80 views

CVE-2007-6430

CVE-2007-6430 affects Asterisk Open Source 1.2.x (before 1.2.26), 1.4.x (before 1.4.16), and Business Edition B.x.x (before B.2.3.6) and C.x.x (before C.1.0-beta8). The issue is that when using realtime (database-based registrations) and host-based authentication, the system does not check the IP...

4.3CVSS6.5AI score0.01951EPSS
Exploits0References15Affected Software2
securityvulns
securityvulns
added 2007/12/19 12:0 a.m.55 views

AST-2007-027 - Database matching order permits host-based authentication to be ignored

Asterisk Project Security Advisory - AST-2007-027 +------------------------------------------------------------------------+ | Product | Asterisk | |--------------------+---------------------------------------------------| | Summary | Database matching order permits host-based | | | authenticatio...

4.3CVSS6.4AI score0.01951EPSS
Exploits0
Rows per page
Query Builder